14 matches found
CVE-2025-48507
The security state of the calling processor into Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC...
EUVD-2025-198576
The security state of the calling processor into Arm® Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC...
CVE-2025-48507
The security state of the calling processor into Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC...
CVE-2025-48507
The security state of the calling processor into Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC...
PT-2025-47853
Name of the Vulnerable Software and Affected Versions Arm® Trusted Firmware TF-A affected versions not specified Description The security state of the calling processor when entering Arm® Trusted Firmware TF-A is not properly utilized. This could allow processors operating in a non-secure state t...
CVE-2025-47419
Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows Sniffing Network Traffic. The device allows Web UI and API access over non-secure network ports which exposes sensitive information such as user passwords. This issue affects Automate VX: from...
CVE-2025-47419
Crestron Automate VX contains a vulnerability (CVE-2025-47419) where Web UI and API access over non-secure ports allows cleartext transmission of sensitive information, including passwords. Affected firmware ranges are 5.6.8161.21536 through 6.4.0.49. The issue originates from transmitting sensit...
CVE-2025-47419 Non-Secure Access
Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows Sniffing Network Traffic. The device allows Web UI and API access over non-secure network ports which exposes sensitive information such as user passwords. This issue affects Automate VX: from...
DEBIAN-CVE-2024-7883
When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state...
SUSE CVE-2021-35465
Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a VLLDM instruction. A Non-secure handler may have read or write access to part of a Secure context. This affects Arm Cortex-M33 r0p0 through r1p0, Arm Cortex-M35P r0, Arm Cortex-M55 r0p0 through r1p0, and...
CVE-2021-35108
Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile...
Input validation
Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile...
PT-2022-10426 · Qualcomm · Snapdragon Connectivity +1
Name of the Vulnerable Software and Affected Versions: Snapdragon Connectivity, Snapdragon Mobile affected versions not specified Description: The issue arises from improper checking of the AP-S lock bit while verifying secure resource group permissions. This can lead to non-secure read and write...
多款 ARM 产品安全漏洞
ARM Cortex-M55 and others are products of ARM UK.ARM Cortex-M55 is ARM Holdings' ultra-low power ARM microarchitecture for microcontrollers and embedded subsystems.ARM Cortex-M35P is a tamper-resistant Cortex -M processor.ARM Cortex-M33 is a feature-rich implementation of the Armv8-M architecture...